<?php
/**
 * This class was designed for php session management.
 * It contains all the usefull functions for validating user or for storing user data;
 *
 */
class Auth{
	/**
	 * check whether the user has logined.
	 *
	 * @return boolean
	 */
	public static function islogin(){
		return !Auth::requireLogin();
	}
	/**
	 * check whether require the user enter the uid and password to login.
	 * if the cookie login success then the user can automatically login.
	 *
	 * @return boolean
	 */
	static function requireLogin(){
		if(!isset($_SESSION)) session_start();
		if(isset($_SESSION['userinfo']) && isset($_SESSION['expire'])){
			if($_SESSION['expire'] < time()) return !Auth::cookielogin();
			else return false;
		}else{
			return !Auth::cookielogin();
		}
	}
	public static function GetData($key=null){
		if(Auth::requireLogin()) return false;
		if(!isset($_SESSION)) session_start();
		$_SESSION['expire'] = time() + 60*30;
		if($key==null) return $_SESSION['userinfo'];
		else return $_SESSION['userinfo'][$key];
	}
	private static function cookielogin(){
		global $_COOKIE;
		if(isset($_COOKIE['mycookie']) && strlen(@$_COOKIE['mycookie']) > 10){
			$db = getDb();
			$db->connect();
			$userinfo = $db->fetchOne("SELECT * FROM user_t WHERE cookieid={0}",$_COOKIE['mycookie']);
			if($userinfo == null) return false;
			$re = Auth::DoLogin($userinfo['uid'],$userinfo['pwd'],true,false);
			if($re){
				if(!isset($_SESSION)) session_start();
				$userinfo = $_SESSION['userinfo'];
			}
			return $re === true ? true : false;
		}else return false;
	}
	public static function reload(){
		$db = getDb();
		$db->connect();
		$userinfo = $db->fetchOne("SELECT * FROM user_t WHERE uid={0}",Auth::GetData('uid'));
		if($userinfo == null) return false;
		$rem = strlen($userinfo['cookieid']) > 10;
		$re = Auth::DoLogin($userinfo['uid'],$userinfo['pwd'],$rem,false);
	}
	public static function DoLogout(){
		$uid = Auth::GetData('uid');
		$db = getDb();
		$db->connect();
		if($uid>0)
			$db->execute("UPDATE user_t SET cookieid='' WHERE uid=".$uid);
		$_SESSION['userinfo'] = null;
		$_SESSION['expire'] = null;
		return true;
	}
	public static function DoLogin($uid,$pwd,$rem=true,$md5=true){
		global $_SERVER;
		/*@var $db DbMySQL */
		if(!isset($_SESSION)) session_start();
		$db = getDb();
		$db->connect();
		$userinfo = $db->fetchOne("SELECT * FROM user_t WHERE uid={0}",array($uid));
		if($userinfo == null) return "用户$uid为非法用户.<br />";
		if($md5) $pwd = md5($pwd);
		if($userinfo['pwd'] != $pwd) return '密码错误.<br />';
		if($md5){
			$db->execute('UPDATE user_t SET lastlogin={0},logincount=logincount+1 WHERE uid={1}',array(date("Y-m-d H:i:s"),$userinfo['uid']));
		}
		unset($userinfo['pwd']);
		unset($userinfo['cookieid']);
		$expire = time() + 86400 * 50;//50 days
		$cookiecode = rand(10000,99999).rand(10000,99999).rand(10000,99999).rand(10000,99999).rand(10000,99999).rand(10000,99999);
		$c = setcookie('mycookie',$cookiecode,$expire,'/',$_SERVER["HTTP_HOST"]);
		if($rem && $c){
			$db->execute("UPDATE user_t SET cookieid={0} WHERE uid={1}",array($cookiecode,$userinfo['uid']));
		}else {
			$db->execute("UPDATE user_t SET cookieid={0} WHERE uid={1}",array('',$userinfo['uid']));
		}
		$_SESSION['userinfo'] = $userinfo;
		$_SESSION['expire'] = time() + 60*30;
		return true;
	}
}
?>